package com.example.springsecurity.controller;

import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
public class LoginController {

    /**
     * 该方法可写可不写 反正不会执行
     * @return
     */
    @RequestMapping("/denglu")
    public String login(){
        System.out.println("进入登录方法");
        return "redirect:main.html";
    }

    @RequestMapping("/toMain")
    public String toMain(){
//        System.out.println("tomain");
//        return "redirect:http://www.baidu.com"; //如此一来即可将页面重定向到百度!
        return "redirect:main.html";
    }


    @ResponseBody
    @Secured("ROLE_admin")  //需要有对应角色才能访问该接口
    @RequestMapping("/toMAin1")
    public String toMain1(){
        return "{\"message\":\"succcessToAdmin1\"}";
    }

    @ResponseBody
    @PreAuthorize("hasAnyRole('admin','normal')")   //允许这两个角色访问
    @RequestMapping("/toMain2")
    public String toMain2(){
        return "{\"message\":\"succcessToAdmin2\"}";
    }

    @RequestMapping("/toError")
    public String error(){
        System.out.println("error");
        return "redirect:error.html";
    }

    @RequestMapping("/testlogin")
    public String testlogin(){
        System.out.println("error");
        return "redirect:http://www.baidu.com";
    }
}
